package com.example.lhh.shiro;

import com.example.lhh.jwt.LhhJwtToke;
import com.example.lhh.user.entity.LhhPermission;
import com.example.lhh.user.entity.LhhRole;
import com.example.lhh.user.entity.LhhUser;
import com.example.lhh.user.service.ILhhRoleService;
import com.example.lhh.user.service.ILhhUserService;
import com.example.lhh.jwt.LhhJwtUtil;
import io.jsonwebtoken.Claims;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.List;

@Component
public class LhhRealm extends AuthorizingRealm  {

    private static final Logger log = LoggerFactory.getLogger(LhhRealm.class);
    @Autowired
    ILhhUserService lhhUserService;
    @Autowired
    ILhhRoleService lhhRoleService;

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof LhhJwtToke;
    }

    /**
     * 授权
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String userName = (String)principalCollection.getPrimaryPrincipal();
        log.info("userName =>>>>>>>>>>>>>>>>>>>"+userName);
        LhhUser lhhUser = lhhUserService.getRoleByUserName(userName);
        List<LhhRole> roleList = lhhUser.getRoleList();
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        for(LhhRole role : roleList){
            //角色ID
            String roleId = role.getRoleId();
            String roleName = role.getRoleName();
            simpleAuthorizationInfo.addRole(roleName);
            //通过角色ID获取权限
            LhhRole lhhRole = lhhRoleService.getAuthorityByRoleId(roleId);
            List<LhhPermission> lhhAuthorityList = lhhRole.getAuthorityList();
            for(LhhPermission authority : lhhAuthorityList){
                String perName = authority.getPerName();
                simpleAuthorizationInfo.addStringPermission(perName);
            }
        }
        return simpleAuthorizationInfo;
    }

    /**
     * 认证
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        log.info("认证开始验证");
        //获取token
        LhhJwtToke lhhJwtToke = (LhhJwtToke) authenticationToken;
        String toke = lhhJwtToke.getPrincipal().toString();
        //解析token获取里面的用户
        Claims claims = LhhJwtUtil.parseJwt(toke);
        String userName = (String) claims.get("aud");//获取用户
        LhhUser lhhUser = lhhUserService.getLhhUserByUserNo(userName);
        if(lhhUser == null){
            return null;
        }
        return new SimpleAuthenticationInfo(userName, toke, getName());
    }
}
